Hackers in China spent four months sneaking up on its cybertarget, exploiting American universities to mask their approach, all to penetrate … the New York Times? That’s what the Gray Lady reports today, although claiming that nothing of importance was stolen. The hunters became the prey soon enough, Nicole Perlroth writes:
For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.
The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.
According to the article, the hackers installed malware that eventually found its way onto every computer on the NYT network. They collected all of the passwords in order to access files stored outside of the network servers. The hackers spent four months rifling through the Paper of Record’s records. And the only thing that interested them was the sources for their reporting on Wen?
That sounds a little odd, although it’s plausible. Authoritarian regimes tend to overreact to criticism and do strange things; certainly, Joseph Stalin and Saddam Hussein exemplified the extreme end of that behavior, and they’re hardly alone in it. But this had to have taken a lot of resources and risked exposing cyberwarfare strategies that China might have preferred to keep under wraps for somewhat more lucrative targets.
According to the Times, they didn’t even bother going after financial records of customers or staff:
Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside The Times’s newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.
No customer data was stolen from The Times, security experts said.
For its part, China calls the accusation “unprofessional and baseless.” If this report is true, it sounds as though China conducted a rather unprofessional bit of cyberwarfare for baseless value.